CVE-2016-6437
Last modified
CVE-2016-6437 is a vulnerability of currently unknown severity. A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. EPSS estimates a 1.73% chance of exploitation in the next 30 days.
Description
A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wide Area Application Services | 5.3.1 |
| Cisco | Wide Area Application Services | 5.3.3 |
| Cisco | Wide Area Application Services | 5.3.5 |
| Cisco | Wide Area Application Services | 5.3.5a |
| Cisco | Wide Area Application Services | 5.3.5b |
| Cisco | Wide Area Application Services | 5.3.5c |
| Cisco | Wide Area Application Services | 5.3.5d |
| Cisco | Wide Area Application Services | 5.3.5e |
| Cisco | Wide Area Application Services | 5.3.5f |
| Cisco | Wide Area Application Services | 6.1.0 |
| Cisco | Wide Area Application Services | 6.1.1 |
| Cisco | Wide Area Application Services | 6.2.1 |
| Cisco | Wide Area Application Services | 6.2.1a |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-6437?
How severe is CVE-2016-6437?
How do I fix CVE-2016-6437?
Are you affected by CVE-2016-6437?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST